We are pleased to announce that we’ve completed the updates on our contracts and have received positive reports from our Auditors. These reports will be public soon. You can find the updated (v1.1) smart contracts on Tinyman Github. So bounty hunters, please review the contract source code to find bugs, errors, and vulnerabilities.
We have come to realize that, no matter what kind of formal verifications and audits we go through, Tinyman can only be more robust with the collaboration of its community. All our efforts moving forward will take this to heart. On that note, we would like to announce our bug bounty campaign.
Critical: Up to $100,000 + single edition Tinyman NFT
High: $10,000 + NFT
Medium: $5,000
Low: $1,000
The severity of the bugs will be decided by the Tinyman development team in consultation with other developers in the space. Tinyman team will publicly share the decision and the rewards. You can join the Tinyman Discord bug-bounty channel to find the relevant information.
When you believe that you have found a bug, please get in touch with us via email:
We will get in touch with you within 24h. Do not share any information about your finding with anyone else until the team has contacted you.
This bounty program does not have a deadline, and it will continue until we formally call it off. However, as we are inching towards getting the protocol ready as early as possible, we’d like to invite you to start digging right away.
Rules
1) The information to any vulnerability found must not be shared with anybody until the public recognition to be eligible for a reward.
2) Rewards for the same bug reported by multiple people within a short timeframe will be shared by the bounty hunters.
3) Bug bounty applies only for Tinyman v1.1 smart contracts that are deployed on testnet. Please follow the links to the contracts.
Links
Contracts:
Transaction Specifications:
Tinyman Contracts Internal Review:
Tinyman Discord bug-bounty channel:
Discord